dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
23
share rss forum feed


Smokey Bear
veritas odium parit
Premium
join:2008-03-15
Annie's Pub
kudos:4
reply to Smokey Bear

Re: Extremely critical vulnerability Samsung Android devices

Third-party fixes: I will only mention Chainfire's fix. It's the only one that is secure. Both Supercurio's and RyanZA's method leave you with easily exploitable holes any serious malware author will abuse.

About Chainfire's fix

said by Chainfire :
This is an APK that uses the ExynosAbuse exploit (by alephzain) to be able to do various things on your Exynos4 based device.

Features for non-rooters:
- Securely patch the exploit

Features for rooters:
- Root the device (SuperSU v0.99)
- Enable/disable the exploit at will
- Enable/disable patching the exploit at boot
- Unroot and cleanup (optionally leaving the exploit patch at boot in place)

Please note that patching the exploit may break camera functionality, depending on device and firmware. Also note that if use the patch method without rooting, or keep patching the exploit at boot enabled when unrooting, you need an alternate method to re-root the device to disable this feature (like CF-Auto-Root) - you cannot use ExynosAbuse to do this since it patched the exploit. Unlike other patch authors, I do not believe in keeping an invisible rooted process running in the background while pretending you aren't rooted, to be able to unpatch this way.

While the exploit patches work (aside from possibly disabling your camera), these are more work-around than actual fixes. A proper patch would be a kernel fix, either from a third party or Samsung themselves.
Download the fix here: »forum.xda-developers.com/showthr···=2050297

Note: please do not redistribute the fix!
--
»bit.ly/gUqYaH - C. Brian Smith: Think of the exclamation point as a car horn: a little goes a long way. Lay on it too hard and everyone’s going to think you’re a moron.